<?php


namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Models\User;

class CheckPermission
{
    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        //check permission
        // get route and user id
        $route = Route::getFacadeRoot()->current()->uri();
        $user = User::find( auth()->id());

        $rv0 = $user->can($route); //can
        if ( !$rv0) {
            //return respondWithData('403',[],'no permission');
        }
        return $next($request);
    }
}
